strange routing (?) issues with a jail

Glenn Dawson glenn at antimatter.net
Wed Sep 28 20:25:52 PDT 2005


At 04:08 PM 9/28/2005, tsuraan wrote:
>I have a freebsd 5.3 machine, with a jailed off machine running in it.
>  Let's call them host and slave (they have seperate IP addresses and
>hostnames).  Within the slave, I have sshd and apache running.  In the
>host, I just have sshd running.   From within the slave machine, I can
>connect to localhost ports 80 and 22, with the expected results.  From
>within the host machine, I can connect to the slave's ports 80 and 22
>correctly as well.  From outside that machine, I can only connect to
>port 22 on the slave.  Attempts to connect to port 80 on the slave
>time out.
>
>The slave is running apache version 1.33+modssl from ports.  I have it
>configured with a basic vhosting setup, and it seems to work perfectly
>from within the physical machine the jail is running on.  Pf is
>totally disabled, and it's a fresh install with no strange services
>running or unnecessary packages installed.  Can anyone give a hint as
>to why someone external would be unable to connect to port 80, but
>able to connect to port 22?

Are the IP's for the host and the jail on the same network?  A look 
at the relevant portions of rc.conf from both the host and the jail 
would be most helpful in troubleshooting the problem.

You'll also want to make sure that sshd in the host is being told to 
listen only to it's IP.  If you don't and there's no sshd running in 
the jail, you'll get a connection to the host instead of the jail.

-Glenn

>_______________________________________________
>freebsd-questions at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"



More information about the freebsd-questions mailing list